CVE-2018-19281: SQL Injection
First published: Wed Nov 14 2018(Updated: )
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.27) allows SNMP trap SQL Injection.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Centreon Centreon | =3.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-18.10/centreon-18.10.0.html
- https://documentation.centreon.com/docs/centreon/en/latest/release_notes/centreon-2.8/centreon-2.8.27.html
- https://github.com/centreon/centreon/pull/6627
- https://github.com/centreon/centreon/pull/7069
Frequently Asked Questions
What is CVE-2018-19281?
CVE-2018-19281 is a vulnerability in Centreon 3.4.x that allows SQL injection through SNMP traps.
How severe is CVE-2018-19281?
CVE-2018-19281 has a severity rating of 9.8 (Critical).
What is the affected software version of CVE-2018-19281?
Centreon versions from 3.4 to 18.10.0 are affected by CVE-2018-19281.
How can I fix CVE-2018-19281?
To fix CVE-2018-19281, update Centreon to version 18.10.0 or Centreon web to version 2.8.27.
What is the CWE ID of CVE-2018-19281?
CVE-2018-19281 is associated with CWE-89 (SQL Injection).
- collector/nvd-cve
- collector/nvd-index
- collector/github-advisory
- alias/GHSA-w2xf-4gg9-87wr
- alias/CVE-2018-19281
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- vendor/centreon
- canonical/centreon centreon
- version/centreon centreon/3.4
- package-manager/composer